Jun 17, 2014

Yesterday I wrote an article about how you can replace the version of Ubuntu named in your /etc/apt/sources.list file so you can upgrade to GnuTLS 3.2.15, which is only available in the Ubuntu 14.10 repositories at the moment and, according to ZDNet, is the only version in the repositories that is not vulnerable to the latest GnuTLS exploit.

Well, I mentioned at the end of that post that doing that is not the recommended way of doing things, and that you should probably install GnuTLS from source. So I will tell you how to do that in this article, but instead of using GnuTLS 3.2.15, we will install 3.1.23, which is also not vulnerable to the latest GnuTLS vulnerability.

Why 3.1.23 though? Because to compile it you need to have libnettle 1.5 installed. That is the version that is available in the Ubuntu 14.04 repository. I tried manually installing GnuTLS 3.3.3, but it kept failing because it was looking for libnettle 1.7. I also tried installing libnettle 1.7 from source and got errors there too. Trust me, upgrading to Ubuntu 14.04 and installing GnuTLS 3.1.23 will be less of a headache.

Add a symlink to your libgnutls.so.28 file so gnutls-cli can tell us what version we are running:

ln -s /usr/local/lib/libgnutls.so.28 /usr/lib/libgnutls.so.28

That's it! After that you can run gnutls-cli -v and you will have the following output:

gnutls-cli 3.1.23
Copyright (C) 2000-2012 Free Software Foundation, all rights reserved.
This is free software. It is licensed for use, modification and
redistribution under the terms of the GNU General Public License,
version 3 or later <http://gnu.org/licenses/gpl.html>
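The two checks above (the symlink and the reported version) can be scripted so a stale library or a dangling link is caught instead of assumed away. This is an added example, not part of the original post; the function names and the `--check` argument are hypothetical, and it assumes `readlink -f` is available, as it is on Ubuntu.

```shell
#!/bin/sh
# Added example: post-install checks for a source-built GnuTLS.
# Paths and the expected version come from the article; function names are hypothetical.

# Read `gnutls-cli -v` output on stdin and print the version from its first line.
gnutls_version_from_banner() {
    sed -n '1s/^gnutls-cli \([0-9][0-9.]*\).*/\1/p'
}

# Succeed only if $1 is a symlink, $2 exists, and $1 fully resolves to $2.
# A regular file at $1 (an old packaged library) or a dangling link fails.
link_resolves_to() {
    [ -L "$1" ] || return 1
    [ -e "$2" ] || return 1
    [ "$(readlink -f "$1")" = "$(readlink -f "$2")" ]
}

# Args: link path, expected target, expected version, banner text.
verify_gnutls_install() {
    link=$1; target=$2; want=$3; banner=$4
    link_resolves_to "$link" "$target" || {
        echo "FAIL: $link does not resolve to $target"
        return 1
    }
    got=$(printf '%s\n' "$banner" | gnutls_version_from_banner)
    [ "$got" = "$want" ] || {
        echo "FAIL: gnutls-cli reports '$got', expected $want"
        return 1
    }
    echo "OK: $link -> $target, gnutls-cli $got"
}

# Run against the live system only when asked to: sh script.sh --check
if [ "${1:-}" = "--check" ]; then
    verify_gnutls_install /usr/lib/libgnutls.so.28 \
        /usr/local/lib/libgnutls.so.28 3.1.23 "$(gnutls-cli -v 2>&1)"
fi
```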